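<?php
// AJAX-style dispatcher: routes ?act=... to the album/user handlers after
// verify_page() accepts the request. The full "<?php" tag is used because the
// short "<?" form depends on short_open_tag; with that setting off the server
// would send this file's source to the client instead of executing it.
//
// NOTE(review): every action below changes state but is triggered by GET and no
// anti-CSRF token is checked in this file. Unless verify_page() validates one
// (confirm in lib.php), move these actions to POST and require a per-session token.
// NOTE(review): "changepass" receives its data in the query string, which is
// typically written to server/proxy logs and browser history. Presumably 'val'
// carries the new password; confirm, and move it to a POST body.
session_start();
require_once('../lib.php');

if(verify_page()){
	// sess_login is a bare constant, presumably defined in lib.php (confirm).
	// Only the "delete" action consults $permission in this file.
	$permission = $_SESSION[sess_login]['permission'];

	if( isset($_GET['act']) && $_GET['act'] != ''){
		$act = $_GET['act'];
		// True when a non-empty 'val' parameter was supplied (used by editinfo/changepass).
		$has_val = isset($_GET['val']) && $_GET['val'] != '';

		switch($act){
			case "new":
				// Album creation wizard. Only presence of 'val' is required here,
				// so an empty string is still passed through to new_photo().
				if(isset($_GET['val'])){
					echo new_photo($_GET['val']);
				}
				else{
					echo json_encode(array("sta"=>"Error_0","text"=>"ERROR Data empty"));
				}
				break;

			case "editinfo":
				// NOTE(review): no permission check happens here; edit_user() must
				// verify that the caller may modify the targeted account.
				if($has_val){
					echo edit_user($_GET['val']);
				}
				else{
					echo '0';
				}
				break;

			case "changepass":
				// NOTE(review): as with editinfo, authorization is left to changepass_user().
				if($has_val){
					echo changepass_user($_GET['val']);
				}
				else{
					echo '0';
				}
				break;

			case "delete":
				// The only action gated on the session role: values '2' and '3' may delete.
				if($permission =='2' || $permission =='3' ){
					if( isset($_GET['id']) && $_GET['id'] != ''){
						// The return value is not echoed; any output comes from delete_user() itself.
						delete_user($_GET['id']);
					}
					else{
						echo 'Cannot get variable';
					}
				}
				else{
					echo '<center><br /><br />You are not permission</center>';
				}
				break;

			default:
				echo 'Function false';
				break;
		}
	}
}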


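/**
 * Encode a {sta, text} status envelope for the album wizard.
 *
 * The endpoint sends no JSON Content-Type, so a response opened directly in a
 * browser is treated as HTML. The JSON_HEX_* flags emit <, >, &, ' and " as
 * \uXXXX escapes so request-derived text (such as the album id echoed in step 2)
 * cannot be interpreted as markup. A JSON parser yields the same decoded values.
 *
 * @param string $sta  Status code, e.g. "Success_step1" or "Error_1".
 * @param string $text Message or follow-up URL for the client.
 * @return string JSON document.
 */
function new_photo_json($sta, $text){
	return json_encode(
		array("sta"=>$sta,"text"=>$text),
		JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
	);
}

/**
 * Fetch one request field and escape it for use inside a quoted SQL literal.
 *
 * Missing or non-scalar fields become the empty string.
 * NOTE(review): mysql_real_escape_string() is only reliable when the connection
 * charset was set with mysql_set_charset(); confirm that in connect.php.
 *
 * @param array    $var_array Decoded request fields.
 * @param string   $key       Field name.
 * @param resource $conn      Open MySQL link.
 * @return string Escaped value (without surrounding quotes).
 */
function new_photo_sql_value($var_array, $key, $conn){
	$raw = '';
	if(isset($var_array[$key]) && is_scalar($var_array[$key])){
		$raw = (string)$var_array[$key];
	}
	return mysql_real_escape_string($raw, $conn);
}

/**
 * Three-step album creation wizard.
 *
 * Step 1 creates the album folder and its `photo_album` row, step 2 reports
 * whether an upload is already running, step 3 stores the album's display
 * settings. Every value placed in SQL is escaped first: the fields come from
 * the request and were previously concatenated into the statements unescaped,
 * which allowed SQL injection.
 *
 * NOTE(review): the legacy mysql_* extension has no prepared statements and was
 * removed in PHP 7. Moving connect.php and this function to mysqli or PDO with
 * bound parameters is the durable fix; escaping is the interim measure.
 *
 * @param mixed $val Raw 'val' request parameter, decoded by read_var().
 * @return string|null JSON status envelope, or null for an unrecognised step.
 */
function new_photo($val){

	$var_array = read_var ($val);
	include("../connect.php");
	// connect.php is expected to define $conn; the original code passed it to mysql_query().
	$has_conn = isset($conn) && $conn;
	$step = isset($var_array['step_name']) ? $var_array['step_name'] : '';

// Step 1: create the folder and the album row
	if( $step == '1' ){
		if(!$has_conn){
			// Fail before touching the filesystem when the database is unavailable.
			return new_photo_json("Error_1","ERROR Cannot save data");
		}
		$timestr_unique = gettimeunique();
		$current_time = getcurrenttime();
		$albumname = (isset($var_array['albumname']) && is_scalar($var_array['albumname'])) ? (string)$var_array['albumname'] : '';

		$albumfoldername = $timestr_unique.'-'.utf8_to_ascii($albumname);
		// utf8_to_ascii() is not visible here, so it is not assumed to strip path
		// separators. Refuse them so the album cannot be placed outside the user's folder.
		if(strpbrk($albumfoldername, "/\\") !== false){
			return new_photo_json("Error_2","ERROR Cannot Create folder for album");
		}

		$rootfolder = IMAGE_FOLDER_TUONGDOI.'/'.$_SESSION[sess_login]['id'].'-'.$_SESSION[sess_login]['username'];
		$rsroot = is_dir($rootfolder) ? true : @mkdir($rootfolder);
		if(!$rsroot){
			return new_photo_json("Error_3","ERROR Folder for user cannot create");
		}

		$dirPath = $rootfolder.'/'.$albumfoldername;
		// NOTE(review): mode 0777 (less the umask) can leave the upload directory
		// world-writable; tighten it if the deployment allows.
		if(!@mkdir( $dirPath, 0777 )){
			return new_photo_json("Error_2","ERROR Cannot Create folder for album");
		}

		$command = "Insert into `photo_album` (`datecreate`,`name`,`path`,`maindisplay`,`owner`) values ('"
			.mysql_real_escape_string((string)$current_time, $conn)."','"
			.mysql_real_escape_string($albumname, $conn)."','"
			.mysql_real_escape_string($albumfoldername, $conn)."','0','"
			.mysql_real_escape_string((string)$_SESSION[sess_login]['id'], $conn)."')";
		$result = @mysql_query($command, $conn);
		if ( !$result ){
			// Roll back the folder so a failed insert leaves no orphan directory.
			@rmdir($dirPath);
			return new_photo_json("Error_1","ERROR Cannot save data");
		}
		$id = @mysql_insert_id($conn);
		// The free_result/close calls that used to follow the returns were unreachable
		// and are dropped. INSERT/UPDATE return a boolean, so there is nothing to free.
		return new_photo_json("Success_step1","?p=photo&m=new&step=2&id=".$id);
	}

// Step 2: report whether an upload is already in progress
	else if( $step == '2' ){
		$idalbum = (isset($var_array['idalbum']) && is_scalar($var_array['idalbum'])) ? (string)$var_array['idalbum'] : '';
		if(!empty($_SESSION['isupload'])){
			return new_photo_json("Error_1","System already uploading you file!");
		}
		return new_photo_json("Success_step2","?p=photo&m=new&step=3&id=".$idalbum);
	}

// Step 3: store the album's display settings
	else if( $step == '3' ){
		if(!$has_conn){
			return new_photo_json("Error_1","ERROR Cannot save data");
		}
		// NOTE(review): the row is selected by `id` alone. Step 1 records the creator
		// in `owner`, but nothing here checks it, so any session that passes
		// verify_page() can rewrite another user's album settings. Consider adding
		// "AND `owner` = <session user id>" once it is confirmed that no privileged
		// role relies on this path.
		$command1 = "UPDATE `photo_album` SET `icon` = '".new_photo_sql_value($var_array, 'iconalbum', $conn)
			."', `maindisplay` = '".new_photo_sql_value($var_array, 'mainpagealbum', $conn)
			."', `groupdisplay` = '".new_photo_sql_value($var_array, 'listdisplayalbum', $conn)
			."',  `description` = '".new_photo_sql_value($var_array, 'descriptionalbum', $conn)
			."' WHERE `id` = '".new_photo_sql_value($var_array, 'idalbum', $conn)."'";
		$result1 = @mysql_query($command1, $conn);
		if ( !$result1 ){
			return new_photo_json("Error_1","ERROR Cannot save data");
		}
		return new_photo_json("Success_step3","Created Sucessful");
	}
}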
/*		else if( $step_name == 'step2' ){
			$id = $_POST['idalbum'];
			header( 'Location: ./viewfolderimage.php?step=3&id='.$id ) ;
		}
		else if( $step_name == 'step3' ){
			//echo $_POST['idalbum'].' - '.$_POST['txticon'].' - '.$_POST['select1'].' - '.$_POST['select2'].' - '.$_POST['textfield1'];
			$id = $_POST['idalbum'];
			$icon = $_POST['txticon'];
			$hienthi = $_POST['select1'];
			$mainpage = $_POST['select2'];
			$comment = $_POST['textfield1'];
			
			$command = "UPDATE `imgalbum` SET `Icon` = '".$icon."', `Comment` = '".$comment."', `Hienthi` = '".$hienthi."', `Main` = '".$mainpage."' WHERE `ID` = '".$id."'";
			$result = @mysql_query($command, $conn);
			if ( !$result ){
				echo "Chương trình không thể can thiệp vào hệ thống. Xin liên hệ với Quản trị";
			}
			else {
				header( 'Location: ./album_manager.php' ) ;
			}
	
		}
		else if( $step_name == 'step4' ){
			//echo $_POST['select_type'].' - '.$_POST['albumname'];
		}
		else {
			echo "Sai bước";
		}
*/		
?>